CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Hdfgroup » Hdf5 : Security Vulnerabilities Published In 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-17439 119 Overflow 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
2 CVE-2018-17438 369 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
3 CVE-2018-17437 772 DoS 2018-09-24 2019-10-02
4.3
None Remote Medium Not required None None Partial
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
4 CVE-2018-17436 787 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
5 CVE-2018-17435 125 DoS 2018-09-24 2019-10-02
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
6 CVE-2018-17434 369 DoS 2018-09-24 2018-11-28
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
7 CVE-2018-17433 119 DoS Overflow 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
8 CVE-2018-17432 476 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
9 CVE-2018-17237 369 2018-09-20 2018-11-21
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
10 CVE-2018-17234 772 DoS 2018-09-20 2019-10-02
4.3
None Remote Medium Not required None None Partial
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
11 CVE-2018-17233 369 DoS 2018-09-20 2018-11-21
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
12 CVE-2018-16438 125 2018-09-03 2018-10-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
13 CVE-2018-15671 400 DoS 2018-08-21 2018-10-16
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.
14 CVE-2018-14460 125 2018-07-20 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
15 CVE-2018-14035 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.
16 CVE-2018-14034 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.
17 CVE-2018-14033 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
18 CVE-2018-14031 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
19 CVE-2018-13876 119 Overflow 2018-07-10 2018-08-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
20 CVE-2018-13875 125 2018-07-10 2018-09-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
21 CVE-2018-13874 119 Overflow 2018-07-10 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
22 CVE-2018-13873 125 2018-07-10 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.
23 CVE-2018-13872 119 Overflow 2018-07-10 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
24 CVE-2018-13871 119 Overflow 2018-07-10 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
25 CVE-2018-13870 125 2018-07-10 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
26 CVE-2018-13869 119 Overflow 2018-07-10 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
27 CVE-2018-13868 125 2018-07-10 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.
28 CVE-2018-13867 125 2018-07-10 2018-08-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
29 CVE-2018-13866 125 2018-07-10 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.
30 CVE-2018-11207 369 DoS 2018-05-16 2018-08-29
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
31 CVE-2018-11206 125 DoS 2018-05-16 2018-08-29
5.8
None Remote Medium Not required Partial None Partial
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
32 CVE-2018-11205 125 DoS 2018-05-16 2018-06-15
5.8
None Remote Medium Not required Partial None Partial
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
33 CVE-2018-11204 476 DoS 2018-05-16 2018-06-15
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
34 CVE-2018-11203 369 DoS 2018-05-16 2018-06-15
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
35 CVE-2018-11202 476 DoS 2018-05-16 2018-06-18
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
Total number of vulnerabilities : 35   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.